The news this week that China has been hit by its “biggest ever” cyber attack has been reported across the global media, highlighting how the distributed denial of service (DDoS) attack was said to have targeted servers responsible for sites with a .cn domain name.
The reality is that this type of attack isn’t particularly new, clever or innovative. Volumetric DDoS attacks will continue to take place and make the news and businesses and have a responsibility to protect themselves from this type of attack in future.
It’s also important to remember that a DDoS attack is often just a smoke screen for a more sophisticated attack that can potentially cost the company even more money. The problem here is to find the needle in the haystack. How does your security infrastructure cope with the influx of traffic during a DDoS attack. More importantly, can it find things like SQL injection attacks in the storm of traffic?
Recent news that the UK government is also looking to train army reserves to become cyber defence specialists is understandable, particularly in light of news that cyber attacks hit government departments around 1,000 times per hour.
Prime Minister David Cameron and other members of the government have spoken about the importance of improving the nation’s cyber defences. Foreign Secretary William Hague described it as one of the “great challenges of our time” and one which the UK must confront.
This is a lead that businesses can follow as well. By adding cyber specialists to their IT teams, businesses can improve their defences, helping them stop the types of attacks that can cause so much damage, both financially and in terms of reputation.
So how can businesses do to protect themselves in the light of such threats? I believe that a combination of on-premise equipment for detecting network based DDoS attacks and attacks on the application level allows you to close the window for cyber criminals and more efficiently stop any attack on a network and application layer.
The risk of being “DDoS attacked” has never been greater. DDoS attacks have become the de-factor standard for online protests and it will continue to be used by hacktivists to make themselves heard, whether for political, ideological, financial or religious reasons. Our job is to ensure we continue to build the best solutions to prevent such attacks.